package com.ckm.config.xss;

import com.fasterxml.jackson.core.JsonParser;
import com.fasterxml.jackson.databind.DeserializationContext;
import com.fasterxml.jackson.databind.JsonDeserializer;
import org.apache.commons.text.StringEscapeUtils;

import java.io.IOException;

/**
 * Jackson deserializer that HTML-escapes JSON string values sent by the front end.
 *
 * <p>Each value handled here is passed through
 * {@link StringEscapeUtils#escapeHtml4(String)} before it is bound to a {@code String} target.
 *
 * <p>Security notes:
 * <ul>
 *   <li>How this deserializer is registered is not visible in this file. It only affects input
 *       that Jackson binds through it; request parameters, headers, path variables and other
 *       non-JSON input are presumably untouched. Verify coverage against the configuration.</li>
 *   <li>{@code escapeHtml4} does not escape the apostrophe ({@code '}), and HTML escaping is
 *       only correct for HTML body and double-quoted attribute contexts. Values rendered in
 *       single-quoted attributes, script blocks, URLs or CSS still need context-specific
 *       output encoding.</li>
 *   <li>Values are rewritten before application code sees them, so they are stored and
 *       compared in escaped form. Encoding again at render time will double-escape them.</li>
 * </ul>
 */
public class XSSJsonStringDeSerializer extends JsonDeserializer<String> {

    /**
     * Reads the text of the parser's current token and returns it with HTML4 escaping applied.
     *
     * @param jsonParser parser positioned on the value to deserialize
     * @param deserializationContext Jackson context; not used by this implementation
     * @return the HTML-escaped text of the current token
     * @throws IOException if the parser fails while reading the token text
     */
    @Override
    public String deserialize(JsonParser jsonParser, DeserializationContext deserializationContext)
            throws IOException {
        // Raw client-supplied text; treat as untrusted until escaped below.
        final String rawText = jsonParser.getText();
        final String escapedText = StringEscapeUtils.escapeHtml4(rawText);
        return escapedText;
    }
}
